Vulnerability Details : CVE-2017-5454
A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2017-5454
Probability of exploitation activity in the next 30 days: 0.28%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 65 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2017-5454
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
|
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2017-5454
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-5454
-
http://www.securitytracker.com/id/1038320
Mozilla Firefox Multiple Bugs Let Remote Users Bypass Security Restrictions, Spoof URLs, Obtain Potentially Sensitive Information, Deny Service, and Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
https://www.mozilla.org/security/advisories/mfsa2017-12/
Security vulnerabilities fixed in Firefox ESR 52.1 — MozillaVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:1201
RHSA-2017:1201 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://www.mozilla.org/security/advisories/mfsa2017-13/
Security vulnerabilities fixed in Thunderbird 52.1 — MozillaVendor Advisory
-
https://www.mozilla.org/security/advisories/mfsa2017-10/
Security vulnerabilities fixed in Firefox 53 — MozillaVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:1106
RHSA-2017:1106 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1349276
1349276 - (CVE-2017-5454) Paths received by FileSystemRequestParent need to be sanitized before passed to IsDescendantPathIssue Tracking;Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/97940
Mozilla Firefox Multiple Security VulnerabilitiesThird Party Advisory;VDB Entry
Products affected by CVE-2017-5454
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*